Recharging Runtime

文章由于 Hackthebox TOS 设置了密码，请输入密码查看. Continue reading...

Administrator10.10.11.42 info-card Machine InformationAs is common in real life Windows p... Continue reading...

文章由于 Hackthebox TOS 设置了密码，请输入密码查看. Continue reading...

Chemistry10.10.11.38 info-card app.py/home/app/app.py1234567891011121314151617181920212223... Continue reading...

23 年八月份的比赛现在才想起来这篇没发过，水一下XD WebPost Card For You下载源码，用到了 ejs 模板引擎。根据文章 https://github.com/aszx87410/blog/issues/139 可知 ejs 存在 rce，源码中不仅渲染参数可控，且存在可以重复创建 ejs 文件避免缓存的接口，满足利用条件。 12345678910111213... Continue reading...

Pilgrimage nmap1234567891011121314151617181920# Nmap 7.94 scan initiated Wed Sep 20 11:21:58 2023 as: nmap -e tun0 -sC -sV -oA nmap/default -v 10.10.11.219Nmap scan report for 10.10.11.219Host... Continue reading...

PC nmap12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849# Nmap 7.94 scan initiated Tue Sep 19 10:59:48 2023 as: nmap -e tun0 -sC -sV -p1-65535 -oA nmap/... Continue reading...

Sau nmap12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576# Nmap 7.93 scan initiated Fri Sep 8 15:30:24... Continue reading...

Zipping nmap12345678910111213141516171819# Nmap 7.93 scan initiated Sat Sep 9 17:58:19 2023 as: nmap -e tun0 -sC -sV -oA nmap/default -v 10.10.11.229Nmap scan report for 10.10.11.229Host is u... Continue reading...

CozyHosting nmap1234567891011121314151617181920212223242526272829303132# Nmap 7.93 scan initiated Fri Sep 8 10:02:01 2023 as: nmap -e tun0 -sC -sV -oA nmap/default -v 10.10.11.230Nmap scan re... Continue reading...